In the Claims:

Please amend Claims 1, 3-5, 10, 13, 16-18; cancel claims 2, 6, 15, 19, 26-50; and add new
Claims 51-54, all as shown below. Applicant respectfully reserves the right to prosecute any
originally presented claims in a continuing or future application. 

1. (Currently Amended) A system for single security administration comprising:

a plurality of first type server servers, wherein each of the plurality of first type server

a plurality of second type servers, wherein each second type server [[that]] includes an 
embedded [[LDAP]] server[[;]] and each second type server is associated with a security data 
repository that resides in the second type server and provides to the second type server user
security information associated with both the plurality of first type server servers and the second
type server; 

wherein the first type server holds only access control list and relies on one of the plurality 
of second type servers to provide user and group information, and, 

wherein, in response to receiving a request for authentication from a client user at any one
of said the plurality of first type server servers, the authentication server at the first type server
determines which second type server stores security information for the particular user; the system

initiates an [[LDAP]] session between said one of said the plurality of first type
server servers and said second type server[[,]];

passes query information from said [[LDAP]] authentication server to said embedded 
[[LDAP]] server[[,]]; 

receives corresponding user information[[,]]; and

creates a token that reflects an authentication result that can be used by said client. 

2. (Canceled). 

3. (Currently Amended) The system of claim 1 wherein each of said plurality of first type server
servers is an application enterprise server. 




includes an [[LDAP]] authentication server;
4. (Currently Amended) The system of claim 1 wherein said each second type server is an
application server. 

5. (Currently Amended) The system of claim 1 wherein each of said plurality of first type servers 
is a Tuxedo enterprise server, and said second server is [[a]] an application Weblogic server.

6. (Canceled). 

7. (Original) The system of claim 1 wherein said query information is query user information that 
specifies a particular user or group of users. 

8. (Previously Presented) The system of claim 1 wherein the system includes a plurality of servers. 

9. (Original) The system of claim 8 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

10. (Currently Amended) The system of claim 1, further comprising a user information cache
that caches a copy of said user authentication information in case of a failure in a communication
link between the first type server and the second type of server.

11. (Original) The system of claim 1 wherein the system is scalable to include multiple LDAP 
authentication servers and/or multiple embedded LDAP servers. 

12. (Original) The system of claim 1 wherein at least one of said servers include a console 
program for administering the security of the system. 

13. (Currently Amended) A method for providing single security administration comprising the
steps of: 

issuing a call to an [[LDAP]] authentication server at one of a plurality of first type server
servers, wherein the one of the plurality of first type server servers holds only group information
and access control list and relies on one of the plurality of second type servers to provide user and
group information;

determining which second type server stores security information for the particular user; 

passing query user information from said [[LDAP]] authentication server to an embedded
LDAP server at [[a]] the second type server, wherein the second type server includes a single 
security data repository that provides the second type server user security information associated 
with both the one of the first type servers and the second server; 

returning corresponding user information to said [[LDAP]] authentication server; and, 

providing an authentication token for use by the client. 

14. (Original) The method of claim 13, further comprising the step, prior to issuing a call, of 
allowing a client to access a default security plugin. 

15. (Canceled). 

16. (Currently Amended) The method of claim 13 wherein each of said plurality of first type server
servers is an enterprise server. 

17. (Currently Amended) The method of claim 13 wherein said each second type server is an 
application server. 

18. (Currently Amended) The method of claim 13 wherein each of said plurality of first type servers
is a Tuxedo enterprise server, and said second server is [[a]] an application Weblogic server.

19. (Canceled). 

20. (Previously Presented) The method of claim 13 wherein said query user information is query
user information that specifies a particular user or group of users. 
21. (Previously Presented) The method of claim 13, further comprising:

including a plurality of servers. 

22. (Original) The method of claim 21 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

23. (Original) The method of claim 13, further comprising a user information cache that caches 
a copy of said user information. 

24. (Previously Presented) The method of claim 13, further comprising: 

being scalable to include multiple LDAP authentication servers and/or multiple embedded 
LDAP servers. 

25. (Original) The method of claim 13 wherein at least one of said servers include a console 
program for administering the security of the system. 

26-50. (Canceled). 

51. (New) The system of claim 1, wherein:

the user and group information is eliminated from the first type server. 

52. (New) The system of claim 1, wherein:

the session is a LDAP session that supports a single user security data store and 
administration. 

53. (New) The system of claim 1, wherein:

each of the plurality of second type of servers supports backup or failover authentication. 

54. (New) The system of claim 1, wherein:

the first type server also supports a separate independent authentication mechanism with
a separate security repository. 

54. (New) The system of claim 53, further comprising: 

a migrating utility that takes user security information from the separate security repository 
associated with the first type server and updates the security data repository associated with at 
least one of the plurality of second type servers. 